Package: x2goclient Tags: confirmed Version: 4.0.1.0 Severity: important x-debbugs-cc: software@matthiaskauer.com
I myself have also observed the issue reported by Matthias. Adding
this as a bug. This should get fixed before the release of 4.0.1.1.
Mike
----- Weitergeleitete Nachricht von software@matthiaskauer.com ----- Datum: Mon, 26 Aug 2013 23:54:55 +0200 Von: Matthias Kauer <software@matthiaskauer.com> Betreff: [X2Go-User] Login via ~/.ssh/authorized_keys fails An: x2go-user@lists.berlios.de
Hi, I am looking for input on how to set up an ssh key-based authentication.
I generated an RSA key pair with puttygen and added it to ~/.ssh/authorized_keys2 => confirmed that I can login with putty. Now, I specify the same private key in x2goclient (windows). I enter my password and I am then prompted for the password of the ssh key. I enter it and the same ssh key password prompt reappears. This seems to be an infinite loop. When I cancel it, I get a message saying that only publickey is supported as login method (which corresponds to my sshd_config settings).
I then tried renaming ~/.ssh/authorized_keys and using a DSA key pair. putty still works as expected with both of these alternatives. x2goclient still shows the same problems however. It only lets me login if I adapt my sshd_config and authenticate via user / password combination.
Is this a known limitation? What is the best way to achieve high security? Can I limit the x2go connections to only LAN IPs (without restricting the pure ssh connections)?
Best Wishes, Matthias Kauer
X2Go-User mailing list X2Go-User@lists.berlios.de https://lists.berlios.de/mailman/listinfo/x2go-user
----- Ende der weitergeleiteten Nachricht -----
--
DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148
GnuPG Key ID 0x25771B31 mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de
freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xf...
Hi Guys!
As a suggestion/workaround: I am using Pageant from the PuTTY suite, this is where I have my users load their keys. Pageant is a SSH agent for Windows, under the same license as PuTTY and PuTTYgen. The reason why I'm using it is that my users also use WinSCP for file transfers and thus have to authenticate only once - when loading/unlocking their key file in pageant.
Thus, I'm telling both x2goclient and WinSCP to use the SSH agent, and everything works (for me).
Please ALSO note that PuTTYgen saves the private key files in its own special format (as indicated by the *.ppk extension). You might have to use one of the "Export" Options in PuTTYgen's "Conversions" menu so that x2goclient is able to process the key.
-Stefan
Am 27.08.2013 12:34, schrieb Mike Gabriel:
Package: x2goclient Tags: confirmed Version: 4.0.1.0 Severity: important x-debbugs-cc: software@matthiaskauer.com
I myself have also observed the issue reported by Matthias. Adding this as a bug. This should get fixed before the release of 4.0.1.1.
Mike
----- Weitergeleitete Nachricht von software@matthiaskauer.com ----- Datum: Mon, 26 Aug 2013 23:54:55 +0200 Von: Matthias Kauer <software@matthiaskauer.com> Betreff: [X2Go-User] Login via ~/.ssh/authorized_keys fails An: x2go-user@lists.berlios.de
Hi, I am looking for input on how to set up an ssh key-based authentication.
I generated an RSA key pair with puttygen and added it to ~/.ssh/authorized_keys2 => confirmed that I can login with putty. Now, I specify the same private key in x2goclient (windows). I enter my password and I am then prompted for the password of the ssh key. I enter it and the same ssh key password prompt reappears. This seems to be an infinite loop. When I cancel it, I get a message saying that only publickey is supported as login method (which corresponds to my sshd_config settings).
I then tried renaming ~/.ssh/authorized_keys and using a DSA key pair. putty still works as expected with both of these alternatives. x2goclient still shows the same problems however. It only lets me login if I adapt my sshd_config and authenticate via user / password combination.
Is this a known limitation? What is the best way to achieve high security? Can I limit the x2go connections to only LAN IPs (without restricting the pure ssh connections)?
Best Wishes, Matthias Kauer
X2Go-User mailing list X2Go-User@lists.berlios.de https://lists.berlios.de/mailman/listinfo/x2go-user
----- Ende der weitergeleiteten Nachricht -----
X2Go-Dev mailing list X2Go-Dev@lists.berlios.de https://lists.berlios.de/mailman/listinfo/x2go-dev
Hi Mike, thanks for the confirmation and the submission.
If anyone is interested, one thing I did for now, to address this issue was to allow password-based access from my LAN addresses as described here: http://askubuntu.com/questions/101670/how-can-i-allow-ssh-password-authentic... (Note that the match block should be at the end of sshd_config file as it affects all statements below it if I understand it correctly)
Use a |Match| block in |/etc/ssh/sshd_config|.
|PasswordAuthentication no
Match address 192.0.2.0/24 PasswordAuthentication yes |
Best, Matthias
On 27/8/2013 12:34 PM, Mike Gabriel wrote:
Package: x2goclient Tags: confirmed Version: 4.0.1.0 Severity: important x-debbugs-cc: software@matthiaskauer.com
I myself have also observed the issue reported by Matthias. Adding this as a bug. This should get fixed before the release of 4.0.1.1.
Mike
----- Weitergeleitete Nachricht von software@matthiaskauer.com ----- Datum: Mon, 26 Aug 2013 23:54:55 +0200 Von: Matthias Kauer <software@matthiaskauer.com> Betreff: [X2Go-User] Login via ~/.ssh/authorized_keys fails An: x2go-user@lists.berlios.de
Hi, I am looking for input on how to set up an ssh key-based authentication.
I generated an RSA key pair with puttygen and added it to ~/.ssh/authorized_keys2 => confirmed that I can login with putty. Now, I specify the same private key in x2goclient (windows). I enter my password and I am then prompted for the password of the ssh key. I enter it and the same ssh key password prompt reappears. This seems to be an infinite loop. When I cancel it, I get a message saying that only publickey is supported as login method (which corresponds to my sshd_config settings).
I then tried renaming ~/.ssh/authorized_keys and using a DSA key pair. putty still works as expected with both of these alternatives. x2goclient still shows the same problems however. It only lets me login if I adapt my sshd_config and authenticate via user / password combination.
Is this a known limitation? What is the best way to achieve high security? Can I limit the x2go connections to only LAN IPs (without restricting the pure ssh connections)?
Best Wishes, Matthias Kauer
X2Go-User mailing list X2Go-User@lists.berlios.de https://lists.berlios.de/mailman/listinfo/x2go-user
----- Ende der weitergeleiteten Nachricht -----
-
Matthias Kauer -
Mike Gabriel -
Stefan Baur